I'm currenly trying to use amazon s3 as image hosting through cloudflare.
I would like to use my subdomain as image url.
I set CNAME in cloudflare like below.
image.domain.com CNAME image.domain.com.s3.amazonaws.com
my bucket name in s3 is image.domain.com
But I got error below when I go to image.domain.com
<Error>
<Code>InvalidArgument</Code>
<Message>Unsupported Authorization Type</Message>
<ArgumentValue>Basic dGFiaXBlZGlhc3RhZmdedaefaeeYW5jZQ==</ArgumentValue
<ArgumentName>Authorization</ArgumentName>
<RequestId>4EEDAB31EAD3C24F1</RequestId>
<HostId>
DbqMpmzTxU4c/gE4uC6fadaebwtb35wtggtbrtbtt vIm5IZC9lg1xDoixF
</HostId>
</Error>
I have to use website hosting in s3 for this setting? or I missed some configurations..?
That looks like more of an issue with S3, from what I can see. Some general tips about S3 and CloudFlare.
Related
Let's say I have an S3 bucket named example.com and I want to serve its content through CloudFront using an alternate domain example.com.
I've added a CNAME record to direct example.com to the CloudFront endpoint, and secured the domain using an AWS SSL Certificate.
In CloudFront, when I go to select the Origin, it shows my bucket. For example: example.com.s3.amazonaws.com
If I choose this origin, and I browse to https://example.com/my-bucket-item.jpg, I get redirected to https://example.com.s3-us-east-2.amazonaws.com/my-bucket-item.jpg and a "Connection not secure" SSL error appears.
If I set the origin to just the domain example.com then I get a 403 Bad Request error from CloudFront.
From what I understand, my bucket has to share the name of my domain, otherwise I get a "bucket does not exist" error.
I've followed the AWS documentation on this. What I'm doing wrong here?
Update
I successfully got CloudFront to recognize my alternate domain by changing my origin policy to Managed-CORS-S3Origin.
New problem: even though I've selected 'Yes' to 'Restrict Bucket Access', I'm still able to access files via the S3 url. Do I need to turn off public access to my bucket? If I do this, it seems to override my CloudFront policy...
I had to change my origin request policy to Managed-CORS-S3Origin - this solved the general problem for me.
I've uploaded my static files to S3. To cache my files into CDN (and reduce aws cost + better SEO results), I'm using cloudflare.
My bucket name is cdn.mydomainname.com
My Cloudflare CNAME configuration is cdn (name) and cdn.mydomainname.com.region_code.s3.amazonaws.com(alias)
However, there's a problem. Whenever, I browse my webpages, the static files does not load because of https error stating Your connection is not private. Upon accepting it, my image url cdn.mydomainname.com/image.jpeg is redirected to https://region_code.amazonaws.com/cdn-mydomainname-com/image.jpeg. Now when I check my network logs, the image is not cache by Cloudflare, as I can see below in my response headers.
Server: AmazonS3
x-amz-id-2: some_id
x-amz-request-id: some_id
I've read through multiple blogs, SO questions and documentation, but I'm not able to find the solution.
Some people recommend not to use bucket name as cdn.mydomainname.com. Instead use something like cdn-mydomainname-com.
Now my Cloudflare CNAME configuration is cdn (name) and cdn-mydomainname-com.region_code.s3.amazonaws.com(alias)
There are 2 problems with it.
1) My urls will not be pretty (https://region_code.amazonaws.com/cdn-mydomainname-com/image.jpeg). This will negatively impact my SEO.
2) It again shows the same response headers as shown previously.
Server: AmazonS3
x-amz-id-2: some_id
x-amz-request-id: some_id
What can be done to curbe this? Where am I wrong
UPDATE
I tried to host a static file on my server, and that file is served from Cloudflare as checked in the response headers (CF-CACHE-STATUS: HIT)
Try pointing CloudFlare's CNAME to
cdn-mydomainname-com.region_code.s3.amazonaws.com
but leave your bucket name as
cdn.mydomainname.com
and access your image at
cdn.mydomainname.com/myimage
S3 will use the hostname that CloudFlare sends when looking up the bucket not the subdomain. Indeed you can put any subdomain in CloudFlare you want. The important part is that the subdomain has no dots in it. The certificate S3 presents to CloudFlare is a wildcard certificate of form
*.region_code.s3.amazonasw.com
so CloudFlare will accept it as valid for
cdn-mydomainname-com.region_code.s3.amazonaws.com
and the image will pass through CloudFlare as desired.
I'm using AWS S3 and Cloudfront to host a website (e.g. www.company.com). I want to additionally have the the naked domain (without the www) to point to the same content. I initially created a redirect in DNS but https://company.com didn't work.
I can create an apex record for the naked domain in the DNS but can I point it to the same cloudfront CNAME used for the www.company.com or do I have to create a new S3 bucket and new cloudfront distribution?
S3 to CloudFront Distribution
Create two CloudFront distributions
Request for Certificates from AWS Certificates Manager
Create CNAME with Route 53 and point the alias target to the respective distributions
Create Origin in both distributions pointing to that S3 bucket
Hope it helps.
Another solution using only one Cloudfront distribution, if redirecting company.com to www.company.com is acceptable (usually it's preferred).
Create an S3 bucket named company.com
Configure the bucket for static website hosting. Choose "Redirect requests for an object" and enter www.company.com.
Update your DNS a record to point to the bucket.
I Set Amazon s3 to my custom Domain Like the below
cdn.example.com. CNAME s3.amazonaws.com
I have purchased a Wildcart SSL From Namecheap and installed via Cpanel
Now I need to Activate https://cdn.example.com
When request https://cdn.example.com the SSL error is Coming in broswer as normail SSL is not install Non secured page
how To Set WILDCART SSL To CNAME subdomain
Make a Cloudfront Distribution for the Corresponding bucket.
Then install the sll on the cloudfront
You Can See how SSL is installed on cloudfront here
https://bryce.fisher-fleig.org/blog/setting-up-ssl-on-aws-cloudfront-and-s3/
I'm using s3 with cloudfront. I have an application that has two index files.
/index
/admin/index
The /index works fine the /admin/index requires me to put /admin/index.html without including index.html it throws
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>D989FEFADF688159</RequestId>
<HostId>
GvoytrXvDOLPu26AiYYaq6Zi4ck42xyZy3mdxlSF8q5AZc4WEphayr5o6WVDxNM7+qutIAfn53k=
</HostId>
</Error>
I checked the permissions on the file they are correctly set. Additionally I can view the file when using the full url /admin/index.html.
Is this expected behavior or something wrong with my configuration of s3 / cloudfront.
I think cloudfront is the issue. It appears you can't have multiple index files when using cloud front. http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html
I ended up adding the index.html to the route to make it work.